Current Affairs

SOVA Virus

  • Posted By
  • Categories
    Science & Technology
  • Published
    21st Sep, 2022


The new mobile banking 'Trojan' virus -- SOVA -- which can stealthily encrypt an Android phone for ransom and is hard to uninstall is targeting Indian customers.

Which countries were its previous targets?

  • SOVA was earlier focusing on countries like the US, Russia and Spain, but in July 2022 it added several other countries, including India, to its list of targets.
  • The virus has upgraded to its fifth version after it was first detected in the Indian cyberspace in July.

What can it do?

  • SOVA can add false overlays to a range of apps and "mimic" over 200 banking and payment applications in order to con the Android user.
  • The latest version of this malware hides itself within fake Android applications that show up with the logo of a few famous legitimate apps like Chrome, Amazon, NFT (non-fungible token linked to crypto currency) platform to deceive users into installing them.
  • The malware is distributed via smishing (phishing via SMS) attacks, like most Android banking Trojans.

How dangerous is this new malware?

  • The lethality of the virus can be gauged from the fact that it can collect keystrokes, steal cookies, intercept multi-factor authentication (MFA) tokens, take screenshots and record video from a webcam and can perform gestures like screen click, swipe etc. using android accessibility service.

Verifying, please be patient.